In brief NordPass has released its list of the most common passwords of 2022, and frankly we’re disappointed in all of you.
Topping the list of the most common passwords was, sadly, “password,” followed by “123456” and its more secure relative “123456789,” “guest,” “qwerty” and lots more you can definitely figure out without needing the help of a cracking tool.
Seriously, few of the passwords in this list are even words: Most are just repetitions of a single character, sequences of easy-to-guess numbers, a straight run down a row of keys, or basic combinations like “[email protected]”
Along with a depressingly basic list of common passwords and the speed it takes to crack them (most are listed as < 1 second), NordPass shared some statistics about what’s trending in the password world, like the word “Oscars,” which pops up especially around award season, as well as “batman,” “euphoria” and “encanto” after the eponymous films and TV series that have been popular this year.
This is hardly the first time a list of the most common passwords was led by such easy-to-guess words – nor even the first time this year. Unfortunately, that means there’s a problem with people not getting the message on password hygiene.
Alternatively, it’s possible many of the basic passwords on this list may be from internet connected devices whose owners didn’t change their default passwords. Whether that’s the case or not is unknown, but if true it could indicate another problem that really needs to be dealt with.
Getting back to passwords generated by humans, NordPass has some tips for those among us who would rather be opened up to a simple hack than set a tricky-to-guess one. You’ve probably heard these before, but they clearly need to be stated again.
For starters, make sure it’s at least 12 characters long, and combine upper/lowercase letters with numbers and symbols. Better yet, use a password generator.
It’s also essential to not reuse passwords on different accounts, something most of us are probably guilty of, as well as regularly auditing accounts to see which you no longer use and can close to reduce your online footprint.
Be sure to also check your password strength regularly, which lots of password managers and web browsers that store credentials are capable of doing. Regularly change passwords, too.
Speaking of which, NordPass, which is in the password management business, says everyone should get a password manager, but of course they would.
Cisco warns over Secure Email Gateway
Cisco has published a bug report that warns that Sophos and McAfee scanning engines on Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass specific filtering features. “The issue is due to improper identification of potentially malicious emails or attachments. An attacker could exploit this issue by sending a malicious email with malformed Content-Type headers (MIME Type) through an affected device,” the alert says. “An exploit could allow the attacker to bypass default anti-malware filtering features based on the affected scanning engines and successfully deliver malicious messages to the end clients.”
Nighthawk may be the next Cobalt Strike, researchers warn
A command-and-control framework intended for use by red teams, known as Knighthawk, is becoming more popular, and will likely end up in the hands of threat actors before we know it, Proofpoint researchers are warning.
Nighthawk was first detected by Proofpoint in September of this year, and is described by the security company as “a mature and advanced” framework “that is specifically built for detection evasion, and it does this well.”
Nighthawk hasn’t been spotted in the wild being used by bad actors, Proofpoint said, but notes that it would be “incorrect and dangerous to assume that this tool will never be appropriated.”
Proofpoint said it observed a 161 percent increase in threat actors using Cobalt Strike, a similar C2 framework, between 2019 and 2020, along with additional quick adoption of Silver, an open-source adversary simulation tool.
Like Cobalt Strike, the company that sells Nighthawk vets its customers to ensure the software doesn’t end up in the hands of bad actors. As Google noted in a blog post this week, vetting hasn’t stopped threat actors from getting their hands on Cobalt Strike, which is why the search giant said in the same post that it recently made back end changes to ensure Cobalt Strike is “harder for bad guys to abuse.” ®